Researchers from security company ESET have spotted one malware which steals login credentials to Facebook. Το trojan έχει μεταμφιεστεί σε παιχνίδι της πλατφόρμας του Android and has come down a million times to date.
ESET's Robert Lipovsky says the Cowboy Adventure game and Jump Chess before being removed from Google Play for Facebook credentials have been downloaded by users of the service a million times.
Fraudsters had seemingly created a legitimate game by copying popular titles, adding malicious code that stole Facebook passwords from phishing websites that were opened through the malicious games.
Lipovsky Reported that "… although the number of potential victims was one million, there were many who were not deceived by the fraud."
"Our analysis of these malicious games has shown that the applications were written in C # and used the Mono Framework.
"THE code phishing βρίσκεται μέσα στο TinkerAccountLibrary.dll. Η εφαρμογή επικοινωνεί με το διακομιστή διοίκησης και ελέγχου μέσω HTTPS και η διεύθυνση στην οποία αποστέλλει τα διαπιστευτήρια που συλλέγει, τα φορτώνει στον διακομιστή δυναμικά.”